Whoops my bad Forgot I had updated the HTTP vars in my script. Let me fix the instructions. $HTTP_POST_VARS is the deprecated method and has been replaced with $_POST but both do exactly the same thing.

BTW I have now been using this method for seven days on my own guestbook and logged all entries classed as spam. It has stopped 52 attempted automated postings (spam entries).

Oh and sorry for the delay in getting back to you but I never got an email saying this thread had received a reply

Btw in the eight days I have been using this method and logging the spam I have just hit 100 attempted spam entries. I think I just started logging in time to catch someone just starting to spam as the first entries are messed up with the date as their name and the date also in the urls. They are still messing up by puttig +'s in the names where spaces should be. You can also tell they are all from the same person due to the fact the ICQ number on all of them is 864530. I think it may be a worm or a trojan as all the posts come from different IP's.

The guestbook, like all forms, works by having inputs for you to fill in. Each input has a name so it can be identified when submitted. The spam used to work by just sending a packet (how all information is sent over the net) to your server with the names of the inputs with the data they want posted. Some even sent the input names for both AG 2.2 and 2.3.1 in the same packets.

The simple anti spam method works by changing the name given to the submit button. If the buttons correct name is not sent in the packet the guestbook will just ignore the packet. Since I wrote this though a couple of the spammers have gotten wise to this (I guess they read this forum or my own). Their scripts/programs now visit the page first to get the names of the inputs before sending the data.

While this is still a valid method for stopping a large percentage of spam (I stopped 350 posts in a month using this method) I'd suggest using it in association with the human verification.